Zero-day Vulnerability Database

Change view

Zero-day vulnerabilities discovered: 11

Security bypass Oracle Java SE
CVE-2015-4902

Security bypass

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to unknown error related to the Java SE Deployment component. A remote attacker can bypass the click-to-play protection in Java.

Successful exploitation of the vulnerability results in security bypass on the vulnerable system.

Note: the vulnerability was being actively exploited.

i

Exploited by the Fancy Bear APT.

This was quite useful in Pawn Storm, as it used exploits targeting these vulnerabilities to carry out targeted attacks against North Atlantic Treaty Organization (NATO) members and the White House earlier this year.

Software: Oracle Java SE

Exploited by the Fancy Bear APT.

This was quite useful in Pawn Storm, as it used exploits targeting these vulnerabilities to carry out targeted attacks against North Atlantic Treaty Organization (NATO) members and the White House earlier this year.

Remote code execution in Oracle Java SE
CVE-2015-2590

Remote code execution

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to unknown error in Libraries component. A remote attacker can execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in full control of the vulnerable system.

Note: the vulnerability was being actively exploited.



i

The attacks were launched by a cyberespionage group known as Pawn Storm or APT28 targeting the White House and members of the North Atlantic Treaty Organization (NATO) back in April 2015.
The group has been active since 2007 and typically targets military, government and media organizations.


Software: Oracle Java SE

The attacks were launched by a cyberespionage group known as Pawn Storm or APT28 targeting the White House and members of the North Atlantic Treaty Organization (NATO) back in April 2015.
The group has been active since 2007 and typically targets military, government and media organizations.


Remote code execution in Oracle Java SE
CVE-2013-2465

Array indexing error

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an array indexing error in the storeImageArray() function in awt.dll. A remote attacker can execute arbitrary code with privileges of the current user or targeted application process.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The exploit was released by security research group Packet Storm Security.

Software: Oracle Java SE

Known/fameous malware:

Styx exploit kit, previously known as Kein
Fiesta EK

The exploit was released by security research group Packet Storm Security.

Remote code execution in Oracle Java SE
CVE-2013-1493

Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to multiple integer and buffer overflows in the color management (CMM) functionality within the 2D component. A remote attacker can create specially crafted Web page, trick the victim into visiting it, trigger memory corruption using an image with crafted raster parameters and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The vulnerability allows a remote user to execute arbitrary code on the target system via MC Rat (Trojan). The vulnerability was found with the help of Malware Protection Cloud (MPC).

The vulnerability turned out to have been exploited in Sun Shop Campaign and related to breach at security firm Bit9.

Software: Oracle Java SE

Known/fameous malware:

Trojan.Naid, Trojan.Dropper (Symantec).

The vulnerability allows a remote user to execute arbitrary code on the target system via MC Rat (Trojan). The vulnerability was found with the help of Malware Protection Cloud (MPC).

The vulnerability turned out to have been exploited in Sun Shop Campaign and related to breach at security firm Bit9.

Remote code execution in Oracle Java SE
CVE-2013-0422

Arbitrary code execution

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to errors involving Java Management Extensions (JMX) MBean components. A remote attacker can create specially crafted Web site containing a malicious Java applet, trick the victim into opening it, invoke the setSecurityManager() function and execute arbitrary code outside the sandbox with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The CVE-2013-0422 exploit has also been identified as distributing GameHack and Banki malicious code. The vulnerability was used by Blackhole, Cool Exploit, and Nuclear exploit kits.

Software: Oracle Java SE

Known/fameous malware:

TROJ_REVETON.RJ
TROJ_REVETON.RG.

The CVE-2013-0422 exploit has also been identified as distributing GameHack and Banki malicious code. The vulnerability was used by Blackhole, Cool Exploit, and Nuclear exploit kits.

Remote code execution in Oracle Java SE
CVE-2012-4681

Error Handling

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper handling of Rhino Javascript errors. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and bypass sandbox restrictions to download and execute arbitrary code  with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The researchers of FireEye began investigation of the vulnerability after Twitter post made by Joshua J. Drake on August, 26.

Software: Oracle Java SE

The researchers of FireEye began investigation of the vulnerability after Twitter post made by Joshua J. Drake on August, 26.

Remote code execution in Oracle Java SE
CVE-2012-1723

Improper Input Validation

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an error in the HotSpot bytecode verifier. By using untrusted Java Web Start applications and untrusted Java applets in a client deployment, a remote attacker can execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The vulnerability was exploited by BlackHole Exploit Toolkit after official patch.
The vulnerability was made public by Michael тАШmihiтАЩ Schierl.
According to Brian Krebs, the exploit was used in targeted attacks before official patch from Oracle.

Software: Oracle Java SE

Known/fameous malware:

Trojan.Maljava.

The vulnerability was exploited by BlackHole Exploit Toolkit after official patch.
The vulnerability was made public by Michael тАШmihiтАЩ Schierl.
According to Brian Krebs, the exploit was used in targeted attacks before official patch from Oracle.

TNS Listener Poisoning Attack in Oracle Database
CVE-2012-1675

Spoofing attack

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error in the TNS listener service. A remote attacker can register an existing instance or service name, use man-in-the-middle techniques and read, inject or modify transmitted data.

Successful exploitation of this vulnerability may result in unauthorized access to entire database.

Note: the vulnerability was being actively exploited.

i

Joxean Koret discovered this vulnerability in 2008 and publicly disclosed in 2012.

The vulnerability was used in "TNS Listener Poison Attack"

Software: Oracle Database Server

Joxean Koret discovered this vulnerability in 2008 and publicly disclosed in 2012.

The vulnerability was used in "TNS Listener Poison Attack"

Remote code execution in Oracle Java SE
CVE-2012-3213

Error Handling

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper handling of Rhino Javascript errors. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and execute arbitrary code with privileges of the current user via untrusted Java Web Start applications and untrusted Java applets.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

The vulnerability was disclosed by James Forsha.
Exploited by Wild Neutron.

Software: Oracle Java SE

Known/fameous malware:

Exploit.Java.CVE-2012-3213.b.

The vulnerability was disclosed by James Forsha.
Exploited by Wild Neutron.

Remote code execution in Oracle Java SE
CVE-2011-3544

Error Handling

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper handling of Rhino Javascript errors. A remote attacker can create a specially crafted Web site, trick the victim into visiting it and execute arbitrary code with privileges of the current user via untrusted Java Web Start applications and untrusted Java applets.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.
i

According to Trend Micro, this is a zero-day .The vulnerability was discovered by Michael Schierl.

Software: Oracle Java SE

Known/fameous malware:

Exploit:Java/CVE-2011-3544.

According to Trend Micro, this is a zero-day .The vulnerability was discovered by Michael Schierl.

Remote code execution in Java
CVE-2010-0886

Improper input validation

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an error when parsing URL to a Java Networking Launching Protocol (.jnlp) file. A remote attacker can create a specially crafted link, trick the victim into clicking on it and execute arbitrary commands on the target system with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

i

This vulnerability was originally discovered independently by both Ruben Santamarta and Tavis Ormandy.
The vulnerability was used in Willysy attack. Users who visit the songlyrics.dot.com website were redirected to Russian attack server.

Software: Oracle Java SE

This vulnerability was originally discovered independently by both Ruben Santamarta and Tavis Ormandy.
The vulnerability was used in Willysy attack. Users who visit the songlyrics.dot.com website were redirected to Russian attack server.